Windows Malicious Software Removal Tool |
Obtaining patch information is critical while performing an audit on windows system. Windows Management Instrumentation allows obtain these information in command line in descriptive way.
command is should be run administrative command line. Out put can be sent to a text file.
- 'wmic qfe' will shows the all out put.
- 'wmic qfe > C:\updates.txt' will send all out put to text file in C:\ with name of updates.txt
- 'wmic qfe list brief' will out put brief description
- 'wmic qfe list brief | find "2011"' will shows updates installed on 2011
Here is a sample out for 'wmic qfe list brief | find "2011" > C:\updates.txt' in Windows Server 2003.
Security Update for Windows Internet Explorer 8 (KB2510531) Update KB2510531-IE8
Administrator 9/29/2011 SP0
Security Update for Windows Internet Explorer 8 (KB2544521) Update KB2544521-IE8
Administrator 9/29/2011 SP0
Security Update for Windows Internet Explorer 8 (KB2559049) Update KB2559049-IE8
Administrator 9/29/2011 SP0
Security Update for Windows Internet Explorer 8 (KB982381) Update KB982381-IE8
Administrator 9/29/2011 SP0
Update for Windows Internet Explorer 8 (KB982632) Update KB982632-IE8
Administrator 9/29/2011 SP0
Windows Server 2003 Service Pack 2 Service Pack KB914961
Administrator 9/28/2011 SP2
Security Update for Windows Server 2003 (KB2079403) Update KB2079403
Administrator 9/29/2011 SP3
Security Update for Windows Server 2003 (KB2115168) Update KB2115168
Administrator 9/29/2011 SP3
Security Update for Windows Server 2003 (KB2229593) Update KB2229593
Administrator 9/29/2011 SP3
Security Update for Windows Server 2003 (KB2296011) Update KB2296011
Administrator 9/29/2011 SP3
Update for Windows Server 2003 (KB2345886) Update KB2345886
Administrator 9/29/2011 SP3
Security Update for Windows Server 2003 (KB2347290) Update KB2347290
Administrator 9/29/2011 SP3
(Note that text are wraped)
Other than 'qfe' option following options are available in wmic.
- ALIAS - Access to the aliases available on the local system
- BASEBOARD - Base board (also known as a motherboard or system board) management.
- BIOS - Basic input/output services (BIOS) management.
- BOOTCONFIG - Boot configuration management.
- CDROM - CD-ROM management.
- COMPUTERSYSTEM - Computer system management.
- CPU - CPU management.
- CSPRODUCT - Computer system product information from SMBIOS.
- DATAFILE - DataFile Management.
- DCOMAPP - DCOM Application management.
- DESKTOP - User's Desktop management.
- DESKTOPMONITOR - Desktop Monitor management.
- DEVICEMEMORYADDRESS - Device memory addresses management.
- DISKDRIVE - Physical disk drive management.
- DISKQUOTA - Disk space usage for NTFS volumes.
- DMACHANNEL - Direct memory access (DMA) channel management.
- ENVIRONMENT - System environment settings management.
- FSDIR - Filesystem directory entry management.
- GROUP - Group account management.
- IDECONTROLLER - IDE Controller management.
- IRQ - Interrupt request line (IRQ) management.
- JOB - Provides access to the jobs scheduled using the schedule service.
- LOADORDER - Management of system services that define execution dependencies.
- LOGICALDISK - Local storage device management.
- LOGON - LOGON Sessions.
- MEMCACHE - Cache memory management.
- MEMLOGICAL - System memory management (configuration layout and availability of memory).
- MEMORYCHIP - Memory chip information.
- MEMPHYSICAL - Computer system's physical memory management.
- NETCLIENT - Network Client management.
- NETLOGIN - Network login information (of a particular user) management.
- NETPROTOCOL - Protocols (and their network characteristics) management.
- NETUSE - Active network connection management.
- NIC - Network Interface Controller (NIC) management.
- NICCONFIG - Network adapter management.
- NTDOMAIN - NT Domain management.
- NTEVENT - Entries in the NT Event Log.
- NTEVENTLOG - NT eventlog file management.
- ONBOARDDEVICE - Management of common adapter devices built into the motherboard (system board).
- OS - Installed Operating System/s management.
- PAGEFILE - Virtual memory file swapping management.
- PAGEFILESET - Page file settings management.
- PARTITION - Management of partitioned areas of a physical disk.
- PORT - I/O port management.
- PORTCONNECTOR - Physical connection ports management.
- PRINTER - Printer device management.
- PRINTERCONFIG - Printer device configuration management.
- PRINTJOB - Print job management.
- PROCESS - Process management.
- PRODUCT - Installation package task management.
- QFE - Quick Fix Engineering.
- QUOTASETTING - Setting information for disk quotas on a volume.
- RDACCOUNT - Remote Desktop connection permission management.
- RDNIC - Remote Desktop connection management on a specific network adapter.
- RDPERMISSIONS - Permissions to a specific Remote Desktop connection.
- RDTOGGLE - Turning Remote Desktop listener on or off remotely.
- RECOVEROS - Information that will be gathered from memory when the operating system fails.
- REGISTRY - Computer system registry management.
- SCSICONTROLLER - SCSI Controller management.
- SERVER - Server information management.
- SERVICE - Service application management.
- SHADOWCOPY - Shadow copy management.
- SHADOWSTORAGE - Shadow copy storage area management.
- SHARE - Shared resource management.
- SOFTWAREELEMENT - Management of the elements of a software product installed on a system.
- SOFTWAREFEATURE - Management of software product subsets of SoftwareElement.
- SOUNDDEV - Sound Device management.
- STARTUP - Management of commands that run automatically when users log onto the computer system.
- SYSACCOUNT - System account management.
- SYSDRIVER - Management of the system driver for a base service.
- SYSTEMENCLOSURE - Physical system enclosure management.
- SYSTEMSLOT - Management of physical connection points including ports, slots and peripherals, and proprietary connections points.
- TAPEDRIVE - Tape drive management.
- TEMPERATURE - Data management of a temperature sensor (electronic thermometer).
- TIMEZONE - Time zone data management.
- UPS - Uninterruptible power supply (UPS) management.
- USERACCOUNT - User account management.
- VOLTAGE - Voltage sensor (electronic voltmeter) data management.
- VOLUME - Local storage volume management.
- VOLUMEQUOTASETTING - Associates the disk quota setting with a specific disk volume.
- VOLUMEUSERQUOTA - Per user storage volume quota management.
- WMISET - WMI service operational parameters management.
No comments:
Post a Comment